Search in ISMS Guides

Wednesday, September 12, 2007

Protection of sensitive information and improving IT control by implementing Six Sigma approach

by Kaskyrbekova Aigerim

Table of contentsAbstractIntroduction (purpose of the project, problem statement, motivation, significance of theproject etc)I Data loss results: confirmed losses of sensitive data· Which data are most sensitive?II Leading causes of data loss.· The primary channels for sensitive data lossIII Strategic actions to protect sensitive data· More monitoring and measurement· IT controls and sensitive data losses· Lost data: lost revenues, lost customers and additional expenses· Benefits of protecting sensitive dataIV Implementing Six Sigma approach in IT control.· Case Studies/Applications Motorola company· Six Sigma Methodologies· Six Sigma’s Role in Information TechnologyConclusion· Reference

IntroductionIt’s hard to imagine what businesses would do without technology. With most commercial interactions (and transactions) riding on multiple internal and external electronic environments—and ever-mounting mandates for demonstrating accountability—organizations have more incentive than ever to keep core business data safe and secure. What are companies doing to protect their data, and are these efforts successful? My project provides a clearer understanding of the state of data protection across many different industries, and compares the characteristics, strategic and tactical Actions for improving results. Due to the under-reported nature of the issue—no organization wants to be featured on the front-page of the business press for losing customer data—the findings and numbers are enlightening, compelling, and hopefully will act as a diagnostic framework for taking action that will help to reduce data loss, customer loss, revenue loss and hence improve results.

Nowadays, protection of information became more crucial issue than two, three decades ago. The mass circulation of information allows people to find all the necessary information through internet. Therefore, protection of sensitive information such personal, financial, customers and employee information are becoming more difficult especially for big companies where from Customer Lists, to Merger and Acquisition information, emails and electronic documents companies hold most valuable and sensitive data. In high competitive world, companies are trying be most innovative in order to be profitable and sustain which come being different by creating unique products. Nevertheless, to make it so companies should protect their internal privacy this can be attack as well by external for example hackers as internal by employees and customers. In world of information overflow, each can easily gather electronic documents of most valuable and sensitive information some are trying to be benefit from selling stolen information. According to the Privacy Rights Clearinghouse (PRC) from February 15 2005 to January 19 2007 453 separate incident of data lost was recorded where almost 100 million sensitive, personally identifiable information was unprotected and stolen or lost. Based on information of stolen or lost data which was made public, it becomes clear that different industries are faced and have experienced with sensitive data lost where some companies affected more than others due to kind of industry and size of organization. In the list of organizations, which was announced as data lose, were widely known companies where trust hood is playing a big role. Thus, protecting the sensitive electronic information is a huge challenge, which can be improved by leveraging Six Sigma program by eliminating defect in order to meet customer and employees satisfaction. This report will help understand Six Sigma theory, Six Sigma tools that are available, and the ways in which Six Sigma can be applied to IT.